Professionally Evil Application Security (PEAS): Unveiling Server-Side Discovery and Exploitation
May 22 @ 12:00 pm – 4:00 pm EDT
Instructor: Jennifer Shannon and Larry Hammond
Course Length: 4 Hours
Clicking on this button will take you to our registration form
Welcome to the world of application security, where you’ll unravel the hidden flaws lurking within server-side portions of web applications. Join us for the second course in the Professionally Evil Application Security series.
Designed to expand your expertise in vulnerability discovery, this course focuses on key concepts and techniques to identify and mitigate server-side vulnerabilities. Led by Secure Ideas’ experts, you’ll gain the knowledge and practical skills necessary to assess applications and their risk of malicious attacks.
Begin your journey with a comprehensive introduction, setting the stage for the exciting challenges ahead. Dive into the intricacies of discovery, as you explore various flaws within the server-side portions of the applications and APIs. Understand the significance of context and grasp the essential concepts related to flaws that can compromise server-side security.
Through hands-on exercises and real-world examples, you’ll delve into critical areas such as authentication and authorization, session fixation, redirects and forwards, injections, insecure deserialization, server-side request forgery (SSRF), and XML external entities. Uncover the techniques used by attackers to exploit these vulnerabilities and learn how to effectively counteract them.
Our expert instructors will guide you through each module, providing in-depth insights and practical knowledge to enhance your skills. Engage in stimulating discussions, participate in interactive labs, and gain valuable experience in vulnerability discovery within our cutting-edge test environment.
Enroll in Unveiling Server-Side Discovery and Exploitation today to fortify your application security arsenal and emerge as a proficient professional in the field. Together, we’ll navigate the intricate world of server-side vulnerabilities and empower you to protect applications with confidence and expertise.
Pay-What-You-Can and Cyber Range Access
Cyber Range access varies depending on payment level.
|Cyber Range Access
|Less than $295
|No Cyber Range Access
|Six Months Cyber Range Access
|Full Price – $575
|Twelve Months Cyber Range Access
Jennifer is a senior security consultant at Secure Ideas with a background in malware analysis, penetration testing, and teaching. An avid computer geek for most of her life, she began her journey in cybersecurity as a SOC Analyst, where she showed an aptitude for penetration testing and malware analysis. Her background as “blue team” uniquely prepared her for guiding clients through remediation and contextualizing findings for their environment.
She graduated with honors from Florida State College at Jacksonville’s networking program. While pursuing her degree, she dedicated time to teaching computing skills to underrepresented minorities. Jennifer continues to be passionate about teaching and is eager to share her knowledge with anyone who will listen.
Larry Hammond is a Senior Security Consultant for Secure Ideas, where he helps clients find vulnerabilities and architectural issues in their systems. He has a wealth of experience in different security roles, from information protection to technical sales to penetration testing. He knows the ins and outs of securing networks, as well as the benefits and risks involved.
Larry has worked with various industries, performing application, network, and wireless security testing. He has also been a sales engineer for security detection and response products, where he learned about the challenges of defending large enterprise networks from cyberattacks.